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Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings of claims in the application: 
Listing of Claims; 

1 . (Currently Amended) Apparatus for security applications, the apparatus 

comprising: 

a plurality of interfaces, the plurality of interfaces including a first [[an]] interface 
coupled to a storage network, the first interface being adapted to receive a frame fi-om the storage 
area network: 

a tracking component being configured to provide a statistics based on data flows 
associated with the plurality of interfaces: 

a classifier coupled to at least the first interface, the classifier being adapted to 
determine an information type associated with the firame, the type b e ing an including at least 
initiator, data, ^id[[or]] terminator, the classifier being adapted to determine header information 
associated with the frame; 

an encryption/decryption processor coupled the security action processor, the 
encryption/decryption processing being adapted to perform encryption/decryption based on the 
statistics and the type : and 

a content addressable memory coupled to the classifier. 

2. (Original) Apparatus of claim 1 wherein the content addressable memory 
comprises a rule portion and a flow portion, the rule portion being adapted to determine header 
information and command information fi:om the initiator firame and the flow portion being 
adapted to provide a flow based upon the header information. 

3. (Currently Amended) Apparatus of claim 1 further comprising: 
a central processing unit coupled to the classifier; 

an action processor coupled to the central processing unit; 
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a security action processor SAP processor coupled to the central 
processing unit, the SAP being adapted to process data block by block; and 

an e ncryption/d e cryption processor coupled th e s e curity action proc e GSor, 
th e encryption/d e cryption proc e ssing wherein the encryption/decryption processor is b eiag 
adapted to encrypt/decrypt the data block by block. 

4. (Original) Apparatus of claim 1 wherein the initiator determines a read or 
a write process. 

5. (Original) Apparatus of claim 1 wherein the content addressable memory 
comprises at least two MBit. 

6. (Currently Amended) Apparatus of claim 1 wherein the interface is 
adapted to receive the frame through [[the]] a fiber channel in a SCSI format. 

7. (Original) Apparatus of claim 1 wherein the frame is associated with a 
SCSI frame format. 

8. (Original) Apparatus of claim 1 wherein the classifier is provided on an 
integrated circuit chip. 

9. (Original) Apparatus of claim 1 wherein the classifier is adapted to 
maintain w ire speed operation while determining the information type and header information 
associated with the frame. 

10. (Original) Apparatus of claim 1 further comprising a flow context random 
access memory coupled to the classifier, the flow context random access memory being adapted 
to store a policy based upon a flow, the flow being associated with the header information. 

1 1 . (Original) Apparatus of claim 1 wherein the classifier is used in 
determining access controls to target volumes & partitions. 



Page 3 of 12 



Appl. No. 10/686,550 PATENT 

Amdt. dated June 7, 2007 

Reply to Office Action of March 30, 2007 

12. (Original) Apparatus of claim 1 wherein the classifier is used in allowing 
access to specific targets only to authenticated hosts and, in some scenarios applications running 
on the hosts. 

13. (Currently Amended) Apparatus of claim 1 wherein the apparatus 
aparatu s is operable in a NULL port in a storage area network. 

14. (Currently Amended) Apparatus for security applications of storage area 
networks, the apparatus comprising: 

an interface coupled to a storage network, the interface being adapted to receive a 
frame from a first source of a plurality of sources in t he storage network; 

a tracking component being configured to provide a statistics based on data flows 
associated with the plurality of sources: 

a classifier coupled to the interface, the classifier being adapted to determine an 
information type associated with the frame, the type being an initiator, data, or terminator, the 
classifier being adapted to determine header information associated with the frame; and 

a content addressable memory coupled to the classifier, the content addressable 
memory comprises a rule portion and a flow portion, the rule portion being adapted to determine 
header information and command information from the initiator frame and the flow portion 
being adapted to provide a flow based upon the header information; 

a central processing unit coupled to the classifier; 

an action processor coupled to the central processing unit; 

a security action processor SAP processor coupled to the central processing unit, 
the SAP being adapted to process data block by block; and 

an encryption/decryption processor coupled the security action processor, the 
encrj'ption/decryption processor being adapted to encrypt/decrypt the data block by bloc k based 
on at least the statistics . 

15. (Original) .Apparatus of claim 14 wherein the initiator determines a read 
or a write process. 
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16. (Original) Apparatus of claim 14 wherein the content addressable 

memory comprises at least two MBit. 

17. (Currently Amended) Apparatus of claim 14 wherein the interface is 
adapted to receive the frame through [[the]] a fiber channel in a SCSI format. 

1 8. (Original) Apparatus of claim 14 wherein the frame is associated with a 
SCSI frame format. 

19. (Original) Apparatus of claim 14 wherein the classifier is provided on an 
integrated circuit chip. 

20. (Original) Apparatus of claim 14 wherein the classifier is adapted to 
maintain wire speed operation while determining the information type and header information 
associated with the frame. 

21. (Original) Apparatus of claim 14 further comprising a flow context 
random access memory coupled to the classifier, the flow context random access memory being 
adapted to store a policy based upon a flow, the flow being associated with the header 
information. 

22. (Original) Apparatus of claim 14 wherein the apparatus is not a switch or 
a router or a virtualization device. 

23 . (Currently Amended) Apparams of claim [[22]] 14 wherein the apparatus 
further comprises a switch or a router or a virtualization device. 

24. (Currently Amended) A method for security applications for storage area 
networks, the method comprising: 

receiving one or more frames at a security apparatus from a storage area network 
device through a fibre fiber channel, the storage area network device being operated by client 
device, the client device being coupled to the storage area network device; 
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determining a frame type of the one or more frames at the security apparatus , the 
frame type including at least an initiator type, a data type, and a terminator type : 

creating a flow process through one or more processors if the frame type of m the 

initiator frame; 

processing one or more subsequent frames associated with the flow process 
through the one or more processors at wire speed; 

performing encryption or decryption based on the frame type: 
whereupon the processing is substantially transparent to a user of the client 
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